Server | Apache |
Frame-Options | SAMEORIGIN |
X-XSS-Protection | 1; mode=block |
Vary | Accept-Encoding,User-Agent |
Content-Encoding | gzip |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-WebKit-CSP | default-src: 'self' 'unsafe-inline' *.bankersfinancialcorp.com *.google-analytics.com *.googleapis.com apis.google.com themes.googleusercontent.com *.typekit.net *.w3.org wordpress.org; connect-src 'self' |
X-Permitted-Cross-Domain-Policies | master-only |
Keep-Alive | timeout=5, max=99 |
Connection | Keep-Alive |
Content-Type | text/html; charset=UTF-8 |